nixos/tests/systemd.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / systemd.nix
at 23.05-pre 7.2 kB view raw
  1import ./make-test-python.nix ({ pkgs, ... }: {
  2  name = "systemd";
  3
  4  nodes.machine = { lib, ... }: {
  5    imports = [ common/user-account.nix common/x11.nix ];
  6
  7    virtualisation.emptyDiskImages = [ 512 512 ];
  8
  9    environment.systemPackages = [ pkgs.cryptsetup ];
 10
 11    virtualisation.fileSystems = {
 12      "/test-x-initrd-mount" = {
 13        device = "/dev/vdb";
 14        fsType = "ext2";
 15        autoFormat = true;
 16        noCheck = true;
 17        options = [ "x-initrd.mount" ];
 18      };
 19    };
 20
 21    systemd.extraConfig = "DefaultEnvironment=\"XXX_SYSTEM=foo\"";
 22    systemd.user.extraConfig = "DefaultEnvironment=\"XXX_USER=bar\"";
 23    services.journald.extraConfig = "Storage=volatile";
 24    test-support.displayManager.auto.user = "alice";
 25
 26    systemd.shutdown.test = pkgs.writeScript "test.shutdown" ''
 27      #!${pkgs.runtimeShell}
 28      PATH=${lib.makeBinPath (with pkgs; [ util-linux coreutils ])}
 29      mount -t 9p shared -o trans=virtio,version=9p2000.L /tmp/shared
 30      touch /tmp/shared/shutdown-test
 31      umount /tmp/shared
 32    '';
 33
 34    systemd.services.oncalendar-test = {
 35      description = "calendar test";
 36      # Japan does not have DST which makes the test a little bit simpler
 37      startAt = "Wed 10:00 Asia/Tokyo";
 38      script = "true";
 39    };
 40
 41    systemd.services.testservice1 = {
 42      description = "Test Service 1";
 43      wantedBy = [ "multi-user.target" ];
 44      serviceConfig.Type = "oneshot";
 45      script = ''
 46        if [ "$XXX_SYSTEM" = foo ]; then
 47          touch /system_conf_read
 48        fi
 49      '';
 50    };
 51
 52    systemd.user.services.testservice2 = {
 53      description = "Test Service 2";
 54      wantedBy = [ "default.target" ];
 55      serviceConfig.Type = "oneshot";
 56      script = ''
 57        if [ "$XXX_USER" = bar ]; then
 58          touch "$HOME/user_conf_read"
 59        fi
 60      '';
 61    };
 62
 63    systemd.watchdog = {
 64      device = "/dev/watchdog";
 65      runtimeTime = "30s";
 66      rebootTime = "10min";
 67      kexecTime = "5min";
 68    };
 69  };
 70
 71  testScript = ''
 72    import re
 73    import subprocess
 74
 75    machine.wait_for_x()
 76    # wait for user services
 77    machine.wait_for_unit("default.target", "alice")
 78
 79    # Regression test for https://github.com/NixOS/nixpkgs/issues/105049
 80    with subtest("systemd reads timezone database in /etc/zoneinfo"):
 81        timer = machine.succeed("TZ=UTC systemctl show --property=TimersCalendar oncalendar-test.timer")
 82        assert re.search("next_elapse=Wed ....-..-.. 01:00:00 UTC", timer), f"got {timer.strip()}"
 83
 84    # Regression test for https://github.com/NixOS/nixpkgs/issues/35415
 85    with subtest("configuration files are recognized by systemd"):
 86        machine.succeed("test -e /system_conf_read")
 87        machine.succeed("test -e /home/alice/user_conf_read")
 88        machine.succeed("test -z $(ls -1 /var/log/journal)")
 89
 90    with subtest("regression test for https://bugs.freedesktop.org/show_bug.cgi?id=77507"):
 91        retcode, output = machine.execute("systemctl status testservice1.service")
 92        assert retcode in [0, 3]  # https://bugs.freedesktop.org/show_bug.cgi?id=77507
 93
 94    # Regression test for https://github.com/NixOS/nixpkgs/issues/35268
 95    with subtest("file system with x-initrd.mount is not unmounted"):
 96        machine.succeed("mountpoint -q /test-x-initrd-mount")
 97        machine.shutdown()
 98
 99        subprocess.check_call(
100            [
101                "qemu-img",
102                "convert",
103                "-O",
104                "raw",
105                "vm-state-machine/empty0.qcow2",
106                "x-initrd-mount.raw",
107            ]
108        )
109        extinfo = subprocess.check_output(
110            [
111                "${pkgs.e2fsprogs}/bin/dumpe2fs",
112                "x-initrd-mount.raw",
113            ]
114        ).decode("utf-8")
115        assert (
116            re.search(r"^Filesystem state: *clean$", extinfo, re.MULTILINE) is not None
117        ), ("File system was not cleanly unmounted: " + extinfo)
118
119    # Regression test for https://github.com/NixOS/nixpkgs/pull/91232
120    with subtest("setting transient hostnames works"):
121        machine.succeed("hostnamectl set-hostname --transient machine-transient")
122        machine.fail("hostnamectl set-hostname machine-all")
123
124    with subtest("systemd-shutdown works"):
125        machine.shutdown()
126        machine.wait_for_unit("multi-user.target")
127        machine.succeed("test -e /tmp/shared/shutdown-test")
128
129    # Test settings from /etc/sysctl.d/50-default.conf are applied
130    with subtest("systemd sysctl settings are applied"):
131        machine.wait_for_unit("multi-user.target")
132        assert "fq_codel" in machine.succeed("sysctl net.core.default_qdisc")
133
134    # Test systemd is configured to manage a watchdog
135    with subtest("systemd manages hardware watchdog"):
136        machine.wait_for_unit("multi-user.target")
137
138        # It seems that the device's path doesn't appear in 'systemctl show' so
139        # check it separately.
140        assert "WatchdogDevice=/dev/watchdog" in machine.succeed(
141            "cat /etc/systemd/system.conf"
142        )
143
144        output = machine.succeed("systemctl show | grep Watchdog")
145        # assert "RuntimeWatchdogUSec=30s" in output
146        # for some reason RuntimeWatchdogUSec, doesn't seem to be updated in here.
147        assert "RebootWatchdogUSec=10min" in output
148        assert "KExecWatchdogUSec=5min" in output
149
150    # Test systemd cryptsetup support
151    with subtest("systemd successfully reads /etc/crypttab and unlocks volumes"):
152        # create a luks volume and put a filesystem on it
153        machine.succeed(
154            "echo -n supersecret | cryptsetup luksFormat -q /dev/vdc -",
155            "echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vdc foo",
156            "mkfs.ext3 /dev/mapper/foo",
157        )
158
159        # create a keyfile and /etc/crypttab
160        machine.succeed("echo -n supersecret > /var/lib/luks-keyfile")
161        machine.succeed("chmod 600 /var/lib/luks-keyfile")
162        machine.succeed("echo 'luks1 /dev/vdc /var/lib/luks-keyfile luks' > /etc/crypttab")
163
164        # after a reboot, systemd should unlock the volume and we should be able to mount it
165        machine.shutdown()
166        machine.succeed("systemctl status systemd-cryptsetup@luks1.service")
167        machine.succeed("mkdir -p /tmp/luks1")
168        machine.succeed("mount /dev/mapper/luks1 /tmp/luks1")
169
170    # Do some IP traffic
171    output_ping = machine.succeed(
172        "systemd-run --wait -- /run/wrappers/bin/ping -c 1 127.0.0.1 2>&1"
173    )
174
175    with subtest("systemd reports accounting data on system.slice"):
176        output = machine.succeed("systemctl status system.slice")
177        assert "CPU:" in output
178        assert "Memory:" in output
179
180        assert "IP:" in output
181        assert "0B in, 0B out" not in output
182
183        assert "IO:" in output
184        assert "0B read, 0B written" not in output
185
186    with subtest("systemd per-unit accounting works"):
187        assert "IP traffic received: 84B" in output_ping
188        assert "IP traffic sent: 84B" in output_ping
189
190    with subtest("systemd environment is properly set"):
191        machine.systemctl("daemon-reexec")  # Rewrites /proc/1/environ
192        machine.succeed("grep -q TZDIR=/etc/zoneinfo /proc/1/environ")
193  '';
194})